Systems and methods for monitoring messaging applications for compliance with a policy

ABSTRACT

The present inventions relate systems and methods for monitoring and managing electronic messages in one or more computer networks. More particularly, the systems and methods of the present invention provide a substantially global or unified approach to messaging management within one or more computer networks that allows network administrators or other authorized users to define and identify electronic messages of interest within the network and store selected messages such that they can be retrieved and examined in connection with an audit or other inquiry.

INCORPORATION BY REFERENCE TO ANY PRIORITY APPLICATIONS

Any and all applications for which a foreign or domestic priority claim is identified in the Application Data Sheet as filed with the present application are hereby incorporated by reference under 37 CFR 1.57.

BACKGROUND

The inventions described herein relate to electronic communication systems. More particularly, the inventions described herein relate to systems and methods for monitoring messages in electronic communication systems that allows network operators to define and identify messages of interest, classify and organize those messages to efficiently store them to facilitate subsequent retrieval, auditing or compliance inquiries.

Currently, corporate environments provide numerous forms of electronic communication. For example, corporate employees may communicate internally or with others outside the company through telephones, videophones, voicemail, email, text messages, instant messages, or through electronic collaboration applications such as chat rooms or online blogs. In many cases, these messaging solutions may further include imbedded content such as audio, video or text based attachments that convey or otherwise communicate the desired information, with the messaging application merely acting as a delivery agent.

Such messaging applications can be divided into two general groups, synchronous and asynchronous. Synchronous messaging typically involves a substantially instant dialogue between the communicating parties. Asynchronous messaging, on the other hand, involves monologue-based messages between the communicating parties, which are stored in a known location and may be later accessed by the receiving party to review and respond.

Synchronous messaging is still primarily carried out using PBX (Private Branch Exchange) or PSTN (public switched telephone network) networks. With the advent of commercially viable data oriented messaging solutions, more and more synchronous communications are occurring over the Internet in different forms. Some of the most popular type of synchronous messaging include IM (instant messaging), and VoIP (Voice over Internet Protocol) involving streaming audio/video technologies.

Asynchronous messaging is mostly carried out using commercial messaging systems, which involve electronic mailing (e.g., email or SMTP server). These types of messaging systems usually have central storage locations, such as an email or other messaging server, which is frequently administered by the business entity using them.

Synchronous messaging platforms using analog communication technologies remain fairly common. Although data oriented communication, such instant messaging and VoIP, is becoming increasingly popular, it has not fully superseded traditional methods of device based communication (e.g., PSTN telephone communication). As a result, a new blend of communication solutions are being generated, where data oriented communication mechanisms complement the traditional legacy networks. These approaches create numerous possible messaging configurations in which data oriented networks control traditional, and enable messaging between the two. Solutions are being created that integrate these networks and add more sophisticated features into the combination so as to increasingly transform conventional device interaction to individual interaction.

One class of such solutions includes instant messaging applications that promote optimum network use which increases performance of the IM application. Peer to peer (P2P) protocols have been used in this scenario, which provide direct host to host connections between the participants using optimized network paths. Many consumer applications in this sector use proprietary P2P protocols. Such applications tend to be centered on the individual. Administration of these applications may be difficult for network operators, especially in connection with certain management functions such as resource allocation or regulatory compliance. In addition, these applications do not fit neatly within the existing information structures of the corporate networks, thus making collaboration application limited.

A second class of applications prefers centralized synchronous messaging applications. In these applications, the organization may exert control over the communications environment from a compliance or management perspective, which may be easily integrated with its own corporate networks as well as partner networks. This may allow users to gain access to corporate enabled features such as security, compliance and effective policy applications for the administrators, while at the same time allowing use of corporate identity management features to locate people connected to the network. Client/server applications are used in these systems, and a set of protocols are being developed based on the standards.

Although the emergence of these various forms of electronic communication, and their integration into one another have generally improved productivity, no central management system exists to monitor, coordinate or otherwise administer or oversee such communications. As a result, IT managers tend to administer each of these communication technologies separately, which causes significant inefficiencies when attempting to implement corporate data management or communication polices.

For example, regulatory requirements increasingly require businesses to comply with data retention and administration standards that help complete an audit (usually by external audit agencies) of the activities undertaken by individuals involved in the business. One important activity performed in the course of conducting the business is the various forms of electronic messaging. Accordingly, auditors are frequently interested in examining the entire body of electronic messages relating to certain aspects of the business irrespective of the particular communication platform(s) used. Thus, it would be desirable to have the capability to define and identify electronic messages of interest within a business enterprise and store them such that they can easily be retrieved and examined in connection with an audit or other inquiry.

Furthermore, company management may wish to restrict, limit or otherwise be aware of communications relating to certain subject matter or among certain parties in order to ensure compliance with established communication policies or other administrative or legal restrictions. Thus, it would be further desirable to have the capability to define and identify electronic messages of interest before, during, or after a communication session so that any appropriate action may be taken (restrict communication, tag and store message as relevant to one or more topics or areas of inquiry, etc.).

SUMMARY

The present inventions relate systems and methods for monitoring and managing electronic messages in one or more computer networks. More particularly, the systems and methods of the present invention provide a substantially global or unified approach to messaging management within one or more computer networks that allows network administrators or other authorized users to define and identify electronic messages of interest within the network and store selected messages such that they can be retrieved and examined in connection with an audit or other inquiry.

In addition, aspects of the present invention provide systems and methods that may restrict, limit or otherwise identify communications relating to certain subject matter or among certain parties in a computer network to promote or ensure compliance with established communication policies or other administrative or legal restrictions associated with electronic communication. One way this may be accomplished is by defining and identifying electronic messages of interest before, during, or after a communication session so that any appropriate action may be taken (restrict communication, tag and store message as relevant to one or more topics or areas of inquiry, etc.).

One embodiment of the invention may include a computer-usable medium having stored therein computer-usable instructions for a processor, wherein said instructions when executed by the processor cause the processor to: initiate and administer a messaging session between two to or more clients a with communication server; create a compliance policy for defining messages of interest; and configure a compliance agent to monitor the messaging session, identify messages of interest within the messaging session and direct storage of identified messages, wherein the compliance agent determines a file format of the identified messages and optionally converts identified messages to a file format specified in the compliance policy.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects and advantages of the present invention will be apparent upon consideration of the following detailed description, taken in conjunction with the accompanying drawings, in which like reference characters refer to like parts throughout, and in which:

FIG. 1 illustrates a schematic block diagram of an electronic communication system constructed in accordance with the principles of the present invention.

FIG. 2 is a flow chart illustrating some of the steps involved in monitoring and selectively storing certain electronic messages in accordance with an embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

The present inventions relate systems and methods for monitoring and managing electronic messages in one or more computer networks. More particularly, the systems and methods of the present invention provide a substantially global or unified approach to messaging management within one or more computer networks that allows network administrators or other authorized users to define and identify electronic messages of interest within the network and store selected messages such that they can be retrieved and examined in connection with an audit or other inquiry.

In addition, aspects of the present invention provide systems and methods that may restrict, limit or otherwise identify communications relating to certain subject matter or among certain parties in a computer network to promote or ensure compliance with established communication policies or other administrative or legal restrictions associated with electronic communication. One way this may be accomplished is by defining and identifying electronic messages of interest before, during, or after a communication session so that any appropriate action may be taken (restrict communication, tag and store message as relevant to one or more topics or areas of inquiry, etc.).

Although the present inventions are illustrated herein in connection with a computer network associated with a business or corporate enterprise, it will be understood that they are equally applicable to any suitable LAN or WAN type network that has one or more electronic messaging systems and may include other entities such small businesses and/or individual users. Moreover, it will be further understood that such computer networks may be portions of larger networks within a given enterprise and that aspects of the present invention may be selectively deployed to any suitable portion of such networks defined or specified by a network administrator, including certain business units, specific users or other organizational groups.

For example, it may be desired to identify and monitor electronic messages associated with certain groups such as accounting, legal, compliance, management, IT, technical groups, or administrator defines groups, etc. Other selective applications may include specific people with such groups and may further specify other criteria such as subject matter, time of day, messaging application, etc. Such groups need not be pre-existing (e.g., such as email groups) and may be defined as further described herein.

Furthermore, the solutions described herein are applicable to a wide variety of electronic communication systems which include both the synchronous and asynchronous communication technologies mentioned above. In some embodiments, the present invention may be constructed as one or more data structures or software modules, such as a monitoring or compliance agent, which are deployed to various computing or communication platforms with a given network for monitoring, identifying and subsequently directing storage and/or retrieval of certain electronic messages.

One embodiment of the invention is concerned with the administration of messaging systems which use the Session Initiation Protocol (SIP) to initiate and control messaging between a given source and destination. This may include communication networks that support or provide two-party or multiparty multimedia communication sessions such as voice and video calls over the Internet or other communications network. It may also include systems which provide video conferencing, streaming multimedia distribution, instant messaging, presence information and gaming applications. Moreover, such messaging systems may also support some or all of the advanced communication features present in SS7 (Signaling System 7) networks and interact with other data transfer protocols such as the Session Description Protocol (SDP) and Real-time Transfer Protocol (RTP).

In such embodiments, aspects of the invention may reside in (or interoperate with) certain SIP control agents such as SIP User Agents (SIP UAs) including User Agent Client (UAC) or User Agent Server (UAS) modules which may be modified and/or monitored to determine the initiation of a communications session and to identify messages of interest. With this approach, software modules, such as monitoring or compliance agents may be selectively deployed to one or more clients and/or servers to monitor and identify messages of interest.

Furthermore, embodiments of the invention may also interact with other legacy communication platforms such as standard PBX and PSTN networks. This may be accomplished using any suitable software or other intermediate control and/or interface logic that preferably seamlessly interoperates with such legacy networks to provide both legacy and/or more sophisticated voice and data communication service. One example of such software is Office Communication Server (OCS) from Microsoft Corporation. However, any other similar software or logic may be used, if desired.

FIG. 1 illustrates a schematic block diagram of a computer network, constructed in accordance with the principles of the present invention. As shown, system 100 includes a plurality of clients, which may clients 110, 112, 114, 120, 122 and 130. These clients may be any suitable client device such a personal computer, network terminal, or mobile client device including a cell phone, smart phone, PDA and like. In operation, communication servers 164 and 182 manage the instantiation, data transfer and termination of one or more messaging sessions between the clients.

The embodiment illustrated in FIG. 1 may represent a portion of a computer network 100 commonly found in a corporate or business environment. Client computers 110, 120 and 130 may be disparate geographic locations as the computer network may cover several different office locations. For example, network 154 may represent a LAN in the New York office of a business while network 155 represents a LAN in the San Francisco office. Computer 130 may represent a remote computer such an employee telecommuting from home or while on a business trip. As shown, network 100 may provide one or more synchronous messaging applications, with communication server 164 and 182 being SIP-enabled.

In the illustrated embodiment, communication servers 164 and 182 may include Microsoft Office Communications Server (OCS) or other suitable software or logic for interacting with the various different communication technologies. LAN 154 may further include domain management devices 163 and compliance agents 162 and 165 (described in more detail below). Similarly, LAN 155 may further include domain management devices 181 and compliance agent 183. Other embodiments of the present invention may use a communication server with similar functionality other than an OCS.

In some embodiments, the client computers may include certain client applications for initiating, managing, and terminating communication sessions through servers 164 and 182. Such applications may include Office Communicator, also developed by Microsoft Corporation (however any similar suitable application or logic may be used, if desired). This type of client/server application combination (e.g., OCS and Office Communicator) preferably allows conventional and data oriented networks interoperate with each other, with network transitions being substantially seamless through automated policies built into the applications that route the calls or other communications automatically based on user preferences.

Other similar protocols which may be used in conjunction with the present invention include, but are not limited to: ‘Jabber & XMPP’; .H323; MGCP; and RTP (for voice and video communication) and Jingle which is an extension to XMPP. Although these applications use a central server to access presence information and routing information, real time communication (media transport or audio/video) occurs peer to peer, in part because of the complexities that arise from bandwidth usage and bottleneck avoidance in the networks. Moreover, certain applications are used where only the text portion of a message can be captured in the central server. Examples include, but are not limited to, Microsoft Office Communications Server, and FaceTime®.

As mentioned above, communication servers 164 and 182 may manage the instantiation, administration and termination of messaging session(s) between two or more participants. Both the participants may be within the same domain or different domains in the same organization. In FIG. 1, each LAN 154 and 155 represent different domains within the same organization.

In operation, any of clients, including computers 110, 120 or 130 may initiate a communication or messaging session. For example, client 130 may initiate an instant messaging session with client computers 110 and 120. In this case, the IM request may pass through Internet 174 and to client 110 through communications server 164 and similarly to client 120 through communications server 182. Such a communications session may also further include audio (e.g., through VoIP) and/or a video component. Network routing and management of the communications session may be managed through the client and server applications described above.

Network administrators may desire to track such communications in order to comply with established communications policies or regulatory requirements. One way this may be accomplished is by monitoring communications including message contents to determine whether they fall into categories that may be relevant to applicable policies, relate to certain subject areas or are relevant to other types of inquiries, such as regulatory or financial inquiries.

Such relevant subject matter may be defined by network administrators or other authorized network users. For example, a network administrator in consultation with management and legal advisors may define types of messages or message content and/or communications that are of interest or need to be stored, restricted or prevented. Such subject matter may also be in the form of pre-existing data management policies or preferences. This information may entered or uploaded a through an editing or compliance program interface specifically designed for this task (not shown) and may include pull down menus and other predefined default setting based on the type of business involved. For example, regulatory or auditing requirements vary from business to business. A brokerage house has different compliance and retention needs than a hospital, which as different needs from a drug manufacturer or law firm. Default categories may be automatically selected based on the type of business identified. These defaults may be further supplemented based on an analysis of network configuration or communication technologies used (typically during installation).

Examples of how such content may be defined includes, but is not limited to, user-specified keywords or subject matter definitions (e.g., financial, legal, technical, marketing, budget, investor relations, corporate compliance, etc.) content type, attachment type, etc. Other criteria that may be considered includes: author, point of origination, destination (chat room, bulletin board, etc.) recipient(s), time of day, communication application used, etc. Such groups need not be pre-existing (e.g., such as email groups) and may be defined as further described herein.

Thus, initially, a network administrator may define content and other message attributes of interest for storage and retrieval during a subsequent compliance inquiry. One way this may be accomplished by creating one or more “compliance policies” that set forth subject matter of interest and define what steps are to be taken with messages that satisfy the defined criteria (i.e., specify storage paths and locations, data format and/or conversion preferences, specify data retention criteria, whether such information is confidential and access is limited to a certain authorized individuals, etc.). Such compliance policies may be any suitable data structure, software module, computer code or other application suitable for performing the tasks further described herein.

Afterwards, these preferences may be communicated to (or converted into) filters or recognition and processing routines that are deployed as part of customized compliance or monitoring agents within network 100. Such compliance or monitoring agents are shown in FIG. 1 as agents 162, 165 and 183.

Although these agents are depicted as residing on independent hardware platforms, it will be understood that such agents may physically reside on, or be distributed to, any suitable computing device(s) in network 100 such as client computers, communications servers or domain devices. Moreover, it will be further understood that such monitoring agents may be embodied as software, firmware or any other logic capable of performing the functions described herein. For example, in some embodiments, the agents may be deployed as part of (or in place of) UAC or UAS agents. Moreover, such agents may also be embodied as one or more client or sever-side “bots” which to act to index and transmit content from one point to another. In some embodiments, such bots may include one or more media bots and/or remote file management bots.

Thus, after monitoring criteria are established, compliance agents may be distributed (or updated) throughout network 100. Initially, this may be done as part of an application installation routine, with updates being distributed periodically (e.g., as regulatory requirements or message definitions are changes or updated). During the installation routine, specific hardware information may be collected through auto-discovery or other known network analysis techniques and compliance agents may be installed in the appropriate network locations based on the results of that analysis.

During ensuing communication sessions, the content of various messages traveling within network 100 may be monitored based on the established criteria. Messages such as text-based messages and attachments that meet the defined criteria are identified and then stored in certain memory locations or database within the network. This storage medium may be selected such that it may be easily or quickly accessed or dedicated to a compliance or auditing function to ensure data integrity. Such a memory or archiving device may be located in, or associated with, domain devices 163 or 181. As mentioned above, the storage path and storage device for a given message may be specified by the applicable compliance policy.

In the case where messages include audio or video components, such information may be converted to text format and stored along with the native media file for future use. For example, a text message may include a video having an associated audio component attachment. If the text message is identified as relevant by a compliance agent, the attachment may be converted to text by passing it through speech recognition software. The converted text file may be added to the text message along with the raw video file and placed saved in memory for future examination.

Moreover, in some embodiments where messages have limited or no text content but include multimedia attachments, those attachments may be buffered or copied to an intermediate memory location and examined as described above to determine whether they include relevant information. Messages that do not meet the selection criteria are removed or deleted. Messages that are selected as relevant re then forwarded to the appropriate compliance database or storage medium.

In some embodiments, network 100 may perform certain memory management functions on stored messages to improve search and retrieval functions and to reduce or eliminate duplicative information. For example, network 100 may employ certain data de-duplication measures such as single instance storage technologies to remove duplicative information. For example, in the case where client computer 110 is in communication with client computer 120, some or all of the same messages may be tagged and stored by both compliance agent 165 and compliance agent 183. Such duplicative information may be identified by one or more computers in domain device$ and 163 and 181 and removed such that one copy of this message remains rather than multiple copies in each domain.

Moreover, in some embodiments, compliance agents and/or domain devices may perform certain data conversion routines on identified messages to reduce the number of different file format types stored within network 100. For example, some or all audio messages may be converted to a common popular compressed file format such as MP3 to conserve memory and ensure ease of playback and future compatibility. For example, WAV, PCM, AA3 or other audio file types may be identified and then converted to MP3 files prior to (or sometime after initial) storage. Video files may be treated similarly. Moreover, word processing or spreadsheet file types may be identified and converted to a common file type or may be converted to text files. For example, WordPerfect files may be converted to MS Word files or to ASCII or text files, etc.

Additional features provided by the present invention may include real-time monitoring of messages to prevent or prohibit certain types of communication. For example, a company may wish to prevent its employees from visiting chat rooms or posting to message boards while at work. In this case, the network administrator may define these types of transactions as prohibited through a compliance policy or communication restriction. Thus, if an employee attempts to send a text message, email or other communication to these destinations, a copy of that message may be stored and management alerted to this transaction. Furthermore, a warning or reminder screen may appear prior to (or after) the message is sent informing the user that the contemplated action is in violation of established communication policies. In some embodiments, the action may be blocked.

A similar procedure may be used to prohibit communications within an enterprise or to make management aware of such communications. For example, a group of investment advisors in one location may be prohibited from communicating with a group of investment advisors at another location. Thus, if an employee of the first group attempts to send a text message, email or other communication to the second group, a copy of that message may be stored and management alerted to this transaction. Furthermore, a warning or reminder screen may appear prior to (or after) the message is sent informing the user that the contemplated action is in violation of established communication policies. In some embodiments, the action may be blocked and further such communications prevented.

FIG. 2 is a flow chart 200 illustrating some of the steps associated with the monitoring and storing of electronic messages in accordance with an embodiment of the present invention. Initially, at step 202, a network administrator or other authorized user may define subject matter or communication attributes that will trigger a storage response from compliance agents within network 100. As mentioned above, this may include user specified keywords, subject matter, content type, attachment type, etc. Other criteria that may be considered includes author, point of origination, destination recipient(s), time of day, communication application used, etc. Such groups need not be pre-existing and may be defined as further described herein.

This may be accomplished by creating one or more compliance policies that set forth subject matter of interest and define what steps are to be taken with messages that satisfy the defined criteria. Subsequently, the preferences specified in these policies may be communicated to (or converted into) filters or recognition and processing routines that are deployed as part of customized compliance or monitoring agents within network 100 (step 204).

Next, at step 206, the compliance agents may monitor communication within a specified network for messages that meet the defined criteria. This may be accomplished using any suitable active or passive data monitoring technique known in the art such as IGMP or DCHP snooping of data packets or by directly comparing characters in payload sections of messages to the defined keywords or topics of interest. In some embodiments, the compliance agent may add itself to the communication link such that substantially all data passes through it so that the data can be monitored in real time. In other embodiments, message data may be copied for analysis, and the compliance agent may operate in parallel with the communication link.

Next, at step 208, the compliance agents identify messages that meet the criteria specified in the compliance policies. At this point, the compliance agents may refer to the applicable compliance policy to determine what further steps need to be performed on the identified messages (step 210). For example, in some embodiments, the compliance policy may specify the storage path, database or memory location to store that message. Because the various compliance definitions may be applicable to different regulations or auditing inquiries, different messages may have different storage locations, retention criteria, confidentiality designations etc. Moreover, the compliance policy may specify certain format or conversion preferences for the identified message.

Next, at step 212, once the data processing preferences have been obtained, those preferences are implemented. For example, this may include converting the format of the message to a format defined in the compliance policy. Further, this may include converting audio and/or video message to text files, which may be indexed and searched for auditing or regulatory compliance purposes. Converted messages may then be stored a in designated memory location and indexed for future retrieval. The storage manager of this procedure may create a message log which identifies each message by certain descriptors such as size, file type, date received, reason message was selected, confidentiality designation, etc.

Next, at step 214, certain memory management functions may be performed on stored messages to improve search and retrieval operations and to reduce or eliminate duplicative information. For example, certain data de-duplication measures such as single instance storage technologies may be employed to remove duplicative information. For example, in the case where one or more client computers in different domains exchange messages, some or all of the same messages may be tagged and stored by compliance agents in both domains. Such duplicative information may be periodically identified and removed such that one copy of this message remains rather than multiple copies in each domain.

Additional features provided by the present invention may include real-time monitoring of messages to prevent or prohibit certain types of communication. For example, a company may wish to prevent its employees from visiting chat rooms or posting to message boards while at work. In this case, the network administrator may define these types of transactions as prohibited through a compliance policy or communication restriction (step 202). Thus, if an employee attempts to send a text message, email or other communication to these destinations, a copy of that message may be stored and management alerted to this transaction (step 216) Furthermore, a warning or reminder screen may appear prior to (or after) the message is sent informing the user that the contemplated action is in violation of established communication policies (step 218). In some embodiments, the action may be blocked (step 220).

Systems and methods described herein may comprise software, firmware, hardware, or any combination(s) of software, firmware, or hardware suitable for the purposes described herein. Software and other modules may reside on servers, workstations, personal computers, computerized tablets, personal digital assistants (PDAs), and other devices suitable for the purposes described herein. Software and other modules may be accessible via local memory, via a network, via a browser or other application in an application service provider (ASP) context, or via other means suitable for the purposes described herein. Data structures described herein may comprise computer files, variables, programming arrays, programming structures, or any electronic information storage schemes or methods, or any combinations thereof, suitable for the purposes described herein. User interface elements described herein may comprise elements from graphical user interfaces, command line interfaces, and other interfaces suitable for the purposes described herein. Screenshots presented and described herein can be displayed differently as known in the art to input, access, change, manipulate

Aspects of the present inventions described herein may be embodied as computer-executable instructions, such as routines executed by a general-purpose computer, e.g., a server computer, wireless device or personal computer. Those skilled in the relevant art will appreciate that the invention can be practiced with other communications, data processing, or computer system configurations, including: Internet appliances, hand-held devices (including personal digital assistants (PDAs)), wearable computers, all manner of cellular or mobile phones, multi-processor systems, microprocessor-based or programmable consumer electronics, set-top boxes, network PCs, mini-computers, mainframe computers, and the like.

Aspects of the invention can be embodied in a special purpose computer or data processor that is specifically programmed, configured, or constructed to perform one or more of the computer-executable instructions explained in detail herein. Aspects of the invention can also be practiced in distributed computing environments where tasks or modules are performed by remote processing devices, which are linked through a communications network, such as a Local Area Network (LAN), Wide Area Network (WAN), or the Internet. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.

Aspects of the invention may be stored or distributed on computer-readable media, including magnetically or optically readable computer discs, hard-wired or preprogrammed chips (e.g., EEPROM semiconductor chips), nanotechnology memory, biological memory, or other data storage media. Indeed, computer implemented instructions, data structures, screen displays, and other data under aspects of the invention may be distributed over the Internet or over other networks (including wireless networks), on a propagated signal on a propagation medium (e.g., an electromagnetic wave(s), a sound wave, etc.) over a period of time, or they may be provided on any analog or digital network (packet switched, circuit switched, or other scheme). Those skilled in the relevant art will recognize that portions of the invention reside on a server computer, while corresponding portions reside on a client computer such as a mobile or portable device, and thus, while certain hardware platforms are described herein, aspects of the invention are equally applicable to nodes on a network.

While the invention has been described and illustrated in connection with preferred embodiments, many variations and modifications as will be evident to those skilled in this art may be made without departing from the spirit and scope of the invention, and the invention is thus not to be limited to the precise details of methodology or construction set forth above as such variations and modification are intended to be included within the scope of the invention. 

1. (canceled)
 2. A system comprising: a plurality of first computing devices comprising computer hardware; a graphical user interface (GUI) configured to provide input functionality allowing a user to specify criteria for identifying messages of interest among a plurality of messages communicated between the first computing devices during one or more messaging sessions; and a second computing device comprising computer hardware, executing a compliance agent, and in communication with the first computing devices, the compliance agent configured to: monitor messages within the messaging sessions; for a first monitored message of the messages monitored within the messaging sessions, where the first monitored message includes an audio or video data portion, convert the audio or video data portion to converted text; prior to storage of the first monitored message in a storage destination specified in a compliance policy, process the converted text to identify the first monitored message as one of one or more identified messages of interest within the messaging sessions; and direct storage of the first monitored message to the storage destination specified in the compliance policy.
 3. The system of claim 2, further comprising a Session Initiation Protocol (SIP) server configured to initiate and administer the messaging sessions.
 4. The system of claim 2 wherein the first monitored message is identified as one of the one or more identified messages of interest prior to storage of the first monitored message in the storage destination specified in the compliance policy.
 5. The system of claim 2, wherein the system further comprises a speech recognition module configured to convert the audio or video data portion into the converted text.
 6. The system of claim 2, wherein the compliance policy specifies a confidentiality designation for the one or more identified messages of interest.
 7. The system of claim 2, wherein the one or more identified messages of interest are conveyed by a public switched telephone network (PSTN) or a private branch exchange (PBX) network and controlled by a data network.
 8. The system of claim 2, wherein the compliance agent is further configured to determine that text associated with the first monitored message is not in a file format type specified in the compliance policy, and to convert the text associated with the first monitored message into the specified file format type.
 9. The system of claim 8, wherein the specified file format type includes an American Standard Code for Information Interchange (ASCII).
 10. The system of claim 8, wherein the compliance agent is configured to convert the text associated with the first monitored message from one or more of: MS Word to WordPerfect; WordPerfect to MS Word; MS Word to ASCII; and WordPerfect to text.
 11. The system of claim 2, wherein the compliance agent includes a Session Initiation Protocol User Agent or Session Initiation Protocol User Agent Client.
 12. The system of claim 2, further comprising a de-duplicating agent configured to de-duplicate the first monitored message in storage.
 13. The system of claim 2, wherein the compliance policy incorporates legal or regulatory requirements.
 14. A method of processing electronic messages, comprising: providing a graphical user interface (GUI) configured to allow a user to specify criteria for identifying messages of interest among a plurality of messages communicated between a plurality of first computing devices during one or more messaging sessions; with at least one computing device comprising computer hardware: monitoring messages within the messaging sessions; for a first monitored message of the messages monitored within the message sessions, where the first monitored message includes an audio or video data portion, converting the audio or video data portion to converted text; processing the converted text; based at least in part on said processing, identifying the first monitored message as one of one or more identified messages of interest within the messaging sessions; and storing the first monitored message to one or more storage destinations specified in the compliance policy.
 15. The method of claim 14, further comprising conveying the one or more identified messages of interest over a public switched telephone network (PSTN) or a private branch exchange (PBX) network and controlling the one or more identified messages, at least in part, with a data network.
 16. The method of claim 14, further comprising determining that text associated with the first monitored message is not in a file format type specified in the compliance policy, and converting the text associated with the first monitored message into the specified file format type.
 17. The method of claim 16, wherein the specified file format type is MS Word, WordPerfect, or American Standard Code for Information Interchange (ASCII).
 18. The method of claim 14, further comprising de-duplicating the first monitored message.
 19. One or more non-transitory computer-usable media having stored therein computer-usable instructions that, when executed by one or more computing devices comprising computer hardware, cause the one more computing devices to: provide a graphical user interface (GUI) including input functionality allowing a user to specify criteria for identifying messages of interest among a plurality of messages communicated between a plurality of first computing devices during one or more messaging sessions; monitor the messaging sessions; for a first monitored message of the messages monitored within the messaging sessions, the first monitored message including an audio or video data portion, convert the audio or video data portion to converted text; process the converted text; based at least in part on said processing, identify the first monitored message as a first identified message of one or more identified messages of interest within the messaging sessions; and store the first monitored message to one or more storage destinations specified in the compliance policy. 